Is there a web page that gives detailed help on the options of the tar
command? This is what I'm trying to figure out:

tar has the option "--numeric-owner"

....which according to the manpage in 2008.1 means:

"always use numbers for user/group names"

....and a more detailed manpage on the web says:

"This option will notify 'tar' that it should use numeric user and
group IDs when creating a 'tar' file, rather than names."

But according to the Wikipedia entry "Tar (file format)", the archive
format used by modern tar programs stores user:group as both numeric and
as names.

So does "--numeric-owner" just cause the name fields to be left blank? Or
does it only apply if an old archive format is explicitly specified? Does
it have any effect on tar extraction?

Then there's the option "--same-owner"

....which according to the 2008.1 manpage means:

"try extracting files with the same ownership"

....and a more detailed manpage says:

"When extracting an archive, 'tar' will attempt to preserve the
owner specified in the 'tar' archive with this option present."

So I guess that depending on whether this option is specified or not,
then it will either restore the original numeric user:group file
ownerships or it will attempt to match the user:group names to those used
by the running system. It's not obvious which is which from the above
wording.

--
Dave Farrance

On Sun, 06 Jul 2008 10:52:49 -0400, Dave Farrance <DaveFarrance@omitthisyahooandthis.co.uk> wrote:

> Is there a web page that gives detailed help on the options of the tar
> command? This is what I'm trying to figure out:
> tar has the option "--numeric-owner"
> ...which according to the manpage in 2008.1 means:

Check "info tar" ...
--numeric-owner'
The `--numeric-owner' option allows (ANSI) archives to be written
without user/group name information or such information to be
ignored when extracting. It effectively disables the generation
and/or use of user/group name information. This option forces
extraction using the numeric ids from the archive, ignoring the
names.

Confirmed by looking at the source.

In tar-1.19/src/create.c, it has ...
if (archive_format == V7_FORMAT || numeric_owner_option)
{
/* header->header.[ug]name are left as the empty string. */
}
else
{
uid_to_uname (st->stat.st_uid, &st->uname);
gid_to_gname (st->stat.st_gid, &st->gname);

so it leaves the names empty, when creating a tar file, with this option.


> So does "--numeric-owner" just cause the name fields to be left blank? Or
> does it only apply if an old archive format is explicitly specified? Does
> it have any effect on tar extraction?

In In tar-1.19/src/extract.c, it calls the function decode_header, which is
is the list.c file. It has ...
if (format == V7_FORMAT)
{
stat_info->stat.st_uid = UID_FROM_HEADER (header->header.uid);
stat_info->stat.st_gid = GID_FROM_HEADER (header->header.gid);
stat_info->stat.st_rdev = 0;
}
else
{
if (do_user_group)
{
/* FIXME: Decide if this should somewhat depend on -p. */

if (numeric_owner_option
|| !*header->header.uname
|| !uname_to_uid (header->header.uname, &stat_info->stat.st_uid))
stat_info->stat.st_uid = UID_FROM_HEADER (header->header.uid);

if (numeric_owner_option
|| !*header->header.gname
|| !gname_to_gid (header->header.gname, &stat_info->stat.st_gid))
stat_info->stat.st_gid = GID_FROM_HEADER (header->header.gid);
}

If the numeric owner option has been specified, or the owner's name in the file is
null, it will use the uid from the file. Otherwise it calls the function to convert
the uname to a uid. Similar for group.

> Then there's the option "--same-owner"

The option is referenced, in many places in the source. In this case, it's easier
to refer to "info tar". It says ...
`--same-owner'
Create extracted files with the same ownership they have in the
archive.

This is the default behavior for the superuser, so this option is
meaningful only for non-root users, when `tar' is executed on
those systems able to give files away. This is considered as a
security flaw by many people, at least because it makes quite
difficult to correctly account users for the disk space they
occupy. Also, the `suid' or `sgid' attributes of files are easily
and silently lost when files are given away.

When writing an archive, `tar' writes the user ID and user name
separately. If it can't find a user name (because the user ID is
not in `/etc/passwd'), then it does not write one. When restoring,
it tries to look the name (if one was written) up in
`/etc/passwd'. If it fails, then it uses the user ID stored in
the archive instead.

> So I guess that depending on whether this option is specified or not,
> then it will either restore the original numeric user:group file
> ownerships or it will attempt to match the user:group names to those used
> by the running system. It's not obvious which is which from the above
> wording.

Depends on if you are root, or not. I assume root was used to create the full
system tarballs, so the --numeric-owner on create/extract, is the only important
option, for this case.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

"David W. Hodgins" <dwhodgins@nomail.afraid.org> wrote:

>On Sun, 06 Jul 2008 10:52:49 -0400, Dave Farrance wrote:
>
>> Is there a web page that gives detailed help on the options of the tar
>> command? ...
>
>Check "info tar" ...
>--numeric-owner'
> The `--numeric-owner' option allows (ANSI) archives to be written
> without user/group name information or such information to be
> ignored when extracting. It effectively disables the generation
> and/or use of user/group name information. This option forces
> extraction using the numeric ids from the archive, ignoring the
> names.

Thanks. I'd momentarily forgotten about the info pages. That's the
answer then. I've now added "--numeric-owner" to the tar commands in
both my backup and restore scripts.

I'd carefully read the tar manpage before writing my backup and restore
scripts, and I'd failed to spot that it was necessary to suppress the
user/group names and only use the numeric user/group info to ensure that
a system was restored exactly as before.

It's a pity that the lack of these options hadn't killed my installation
outright rather than introducing subtle dysfunctions here and there, or
I'd have spotted it much sooner. I've had to go back to a backup made
weeks ago, and redo all the changes made since then. Luckily, I keep a
detailed change log, so it was only about one hour's work.

--
Dave Farrance